HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options
Version 3.3 , CSP Policy
davieboy
New
Hi
I have just installed the forum and its going great, good job guys.
I cannot seem to get the Content Security Policy headers to work properly though, I have ran grep on the code and can see that the implementation is there but how do you active it?
adding
```$Configuration['ContentSecurityPolicy']['ScriptSrc']['AllowedDomains'] = ['my.domain'];```
to conf/config.php has no effect nor has removing 'my.domain'
any ideas?
0